menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Technology News

>

Found in t...
source image

Arstechnica

4w

read

165

img
dot

Image Credit: Arstechnica

Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.

  • Researchers have discovered two Secure Boot exploits that can bypass protections provided by the mechanism designed to load secure operating system images during the boot-up process.
  • Microsoft has decided to patch only one of the exploits, specifically CVE-2025-3052, which affects over 50 device manufacturers. The vulnerability allows attackers to disable Secure Boot and install malware before the operating system loads.
  • The unpatched Secure Boot bypass vulnerability poses a significant risk, especially to devices running on Linux. It can be exploited remotely to enhance the stealth and potency of attacks, particularly in scenarios where the attacker has administrative control.
  • The root cause of the vulnerability lies in a critical flaw within a firmware flashing tool utilized by DT Research, a supplier of rugged mobile devices. This flaw has been present on VirusTotal since last year and was digitally signed in 2022, indicating it has been available through various channels for some time.

Read Full Article

like

9 Likes

For uninterrupted reading, download the app